package com.liqi.frame.comm.token;

import com.liqi.frame.comm.po.User;
import com.liqi.frame.comm.service.PermissionService;
import com.liqi.frame.comm.service.RoleService;
import com.liqi.frame.comm.service.UserService;
import com.liqi.frame.comm.util.ShiroUtil;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.springframework.stereotype.Component;

import javax.annotation.Resource;
import java.util.Set;

/**
 * 用户认证类
 * @author liqi on 2017-08-26.
 */
@Component
public class MyRealm extends AuthorizingRealm {

    /**
     * 验证当前登录的用户，获取认证信息
     * @param token
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        UserToken userToken = (UserToken)token;
        User user = userService.login(userToken.getUsername(), userToken.getPswd());
        if(user != null) {
            if (User._0==user.getStatus()) {
                throw new DisabledAccountException("帐号已经禁止登录！");
            }
            return new SimpleAuthenticationInfo(user,user.getPswd(), getName());
        } else {
            throw new AccountException("帐号或密码不正确！");
//            return null;
        }
    }

    /**
     * 为当前登陆成功的用户授予权限和角色
     * @param principalCollection
     * @return doGetAuthorizationInfo
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        String userId = TokenUtil.getUserId();
//        String username = (String) principals.getPrimaryPrincipal(); //获取用户名
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
//        authorizationInfo.setRoles(userService.getRoles(username));
//        authorizationInfo.setStringPermissions(userService.getPermissions(username));
        Set<String> roles = roleService.findRoleByUserId(userId);
        Set<String> permissions = permissionService.findPermissionByUserId(userId);
//        User user = (User)principalCollection.fromRealm(getName()).iterator().next();
        authorizationInfo.setRoles(roles);
        authorizationInfo.setStringPermissions(permissions);
        return authorizationInfo;
    }

    /**
     * 指定principalCollection 清除
     */
    @Override
    public void clearCachedAuthorizationInfo(PrincipalCollection principalCollection) {
        SimplePrincipalCollection principals = new SimplePrincipalCollection(principalCollection, getName());
        super.clearCachedAuthorizationInfo(principals);
    }

    /**
     * 清空当前用户权限信息
     */
    public void clearCachedAuthorizationInfo() {
        PrincipalCollection principalCollection = ShiroUtil.getSubject().getPrincipals();
        SimplePrincipalCollection principals = new SimplePrincipalCollection(principalCollection, getName());
        super.clearCachedAuthorizationInfo(principals);
    }

    @Resource
    private UserService userService;
    @Resource
    private RoleService roleService;
    @Resource
    private PermissionService permissionService;

}
